yppasswd successful but not changed on NIS client?
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
yppasswd successful but not changed on NIS client?
Hi.. i know this question might have be posted a few times, but appears no one has pointed out what the solution to this could be....
my nis server/client works fine..using autofs to mount user home directories as well..but running yppasswd doesnt seem to work on the client at all - it will say changed passwd successful..but it still ends up reading off the local passwd file - original passwd?? but if i login to that user acct on server...it logins using the new passwd i have set from the nis client?
I have both ypserv,ypbind and yppasswd running on server, and only ypbind running on client binding to the correct server.
***PLEASE NOTE: constant refused connection shows even i login as as user, after i login as user...
Sep 24 22:16:48 Fedora ypserv[1674]: refused connect from 192.168.1.5:32771 to procedure yp proc_match (NISMASTER,shadow.byname;-1)
Sep 24 22:16:48 Fedora ypserv[1674]: refused connect from 192.168.1.5:32771 to procedure yp proc_match (NISMASTER,shadow.byname;-1)
I believe the problem is likely to be here but i just dun know which part of the setup went wrong...
These are the logs from /var/log/messages:
Sep 24 22:16:46 Fedora rpc.mountd: authenticated mount request from vmclient1:748 for /home /mattcurrie (/home)
Sep 24 22:16:48 Fedora ypserv[1674]: refused connect from 192.168.1.5:32771 to procedure yp proc_match (NISMASTER,shadow.byname;-1)
Sep 24 22:16:48 Fedora ypserv[1674]: refused connect from 192.168.1.5:32771 to procedure yp proc_match (NISMASTER,shadow.byname;-1)
Sep 24 22:16:53 Fedora rpc.mountd: authenticated mount request from vmclient1:875 for /home /elaine (/home)
Sep 24 22:17:01 Fedora ypserv[1674]: refused connect from 127.0.0.1:926 to procedure ypproc _domain (NISMASTER,;0)
Sep 24 22:17:21 Fedora ypserv[1674]: refused connect from 127.0.0.1:926 to procedure ypproc _domain (NISMASTER,;0)
Sep 24 22:17:33 Fedora rpc.yppasswdd[2002]: update mattcurrie (uid=503) from host 192.168.1 .5 successful.
Sep 24 22:17:34 Fedora ypserv[1674]: refused connect from 127.0.0.1:658 to procedure ypproc _clear (,;0)
Sep 24 22:17:41 Fedora ypserv[1674]: refused connect from 127.0.0.1:926 to procedure ypproc _domain (NISMASTER,;0)
Sep 24 22:17:55 Fedora rpc.mountd: authenticated unmount request from vmclient1:633 for /ho me/elaine (/home)
Sep 24 22:17:55 Fedora rpc.mountd: authenticated unmount request from vmclient1:634 for /ho me/fireice (/home)
Sep 24 22:18:01 Fedora ypserv[1674]: refused connect from 127.0.0.1:926 to procedure ypproc _domain (NISMASTER,;0)
Sep 24 22:18:41 Fedora last message repeated 2 times
I hardly think changing your password should necessitate running ypinit on the server and restarting ypbind on the client as suggested above. In any case, the howto explicitly says DON'T use ypinit to propagate changes on the server's maps - rather use make -C /var/yp.
I don't have a complete answer to your question, but try ypmatch [user] passwd and see if that matches the change to [user]'s password hash on the master's /etc/shadow. Run ypwhich -m to see which master the maps refer to. I assume you're only running one server as a master (if not, you need to see which server any particular client is consulting by running ypwhich on the client); are you also running ypbind on the master? What is the output of ypcat ypservers? Every server, all the masters and slaves, should be listed there.
ypcat, ypwhich, ypmatch all shows correct output, what i have found out is that i had to change in nsswitch to use compact for passwd and group entries...and to do the following on the client's files:/etc/passwd
/etc/passwd
The following entry should be added to the end of the file. A "+" followed by six ":"s
+::::::
/etc/group
The following entry should be added to the end of the file. A "+" followed by three ":"s
+:::
/etc/shadow
The following entry should be added to the end of the file. A "+" followed by eight ":"s
+::::::::
can someone confirm if this is required so NIS client knows to read the passwd,group,shadow files for auth during login process?
and whats the difference with runnning make -C /var/yp or running make inside the var/yp is what i normally do?
How do i restrict access to example a user call nistest from logging into to a specific NIS client? Do i need to do something like the +:: stuff?? And will i normally use hosts.deny to restrict certain host access to NIS by restricting portmapd or is it better to use the securenets file?can someone pls give me some examples of restricting user and host access to NIS pls?
I have battled this issue my self a while ago.
You need to have the yppasswdd deamon running on the NIS server (observe the double d).
Have you checked the NIS server version of the map using the command ypcat
Most likely the server password is updated.
You list the server setting of /etc/nsswitch.conf, what are the settings on the client?
Are the client configured to lookup the password via NIS or is it still looking at the local files?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.